Automated tests are now beginning to trigger Cloudflare / Hcaptcha on our DEV theme

Technical Q&A

Topic summary

Playwright automation tests on a Shopify staging theme are now triggering Cloudflare verification and hCaptcha challenges, particularly during account creation and payment processes.

Key Details:

  • Issue began appearing when tests run through cloud service LambdaTest (not locally)
  • Cloudflare verification occurs 25-50% of the time during account creation
  • hCaptcha challenges recently started appearing during checkout
  • Timing correlates with Shopify’s migration to hCaptcha a few weeks prior

Attempted Solutions (unsuccessful):

  • Tunneling
  • Limiting test rates
  • Modifying automation behavior

Official Response:
Shopify Support confirmed hCaptcha is part of their standard security protocol, automatically triggered by automated/unusual activity. No workaround exists to disable or bypass it, even for development stores. They suggest slowing down automated tests or adding intervals between attempts to potentially reduce frequency, but complete removal is not possible.

Status: Unresolved - multiple users experiencing the same blocking issue with regression testing.

Summarized with AI on October 28. AI used: claude-sonnet-4-5-20250929.
1

Hello everyone,

We’ve been running playwright automation tests on our ecommerce staging theme without any issues for the last month.

Just this monday, when running my first automation test of the week, we began to get a Cloudflare verification on account creation. This is something that only happens over our cloud service LambdaTest, doesn’t seem to trigger when ran locally.

Screenshot 2024-08-06 at 11.23.12 AM.png
Screenshot 2024-08-06 at 11.23.12 AM.png2598×1976 173 KB

We have tried to do many things to rectify the issue include tunneling, limiting our test rates, changing up some of the behavior on our automation and it has had little to no result. The account creation continues to bring up a cloudflare verification about 25-50% of the time, but never locally.

We have been trying to find a resolution and today after a meeting when running another test, we now started to get an hCaptcha during payment process, something that has also never been an issue.

Screenshot 2024-08-07 at 9.52.06 AM.png
Screenshot 2024-08-07 at 9.52.06 AM.png2876×1854 350 KB

https://changelog.shopify.com/posts/migration-to-hcaptcha-on-storefronts I found this article and realized that Shopify had updated to hCaptcha a couple of weeks ago which leads me to believe there may be some relation.

Does anyone have any insight on how we can proceed from here? We just want to be able to do regression on our store after an update and its very hard when we’re being blocked on account registrations and payments. Our hCaptcha enabled check boxes are all blank inside of our online store properties.

5 Likes
2

I am having the same issue. Was a resolution found?

3

They answered this to me recently (nothing worked):

"Hi Andre,

Thank you for reaching out and for your patience while we looked into this further.

After carefully reviewing the issue, we confirmed that the appearance of hCaptcha in your store is part of Shopify’s standard security protocol. hCaptcha is automatically triggered when unusual or automated login activity is detected, even in a testing environment, as a security measure to safeguard accounts and prevent unauthorized access.

Unfortunately, there’s no available method or workaround to fully disable or bypass hCaptcha, even for test or development stores. This default measure ensures the overall security and reliability of the platform for all merchants and customers.

We understand this might cause some inconvenience during testing scenarios. To mitigate or reduce the appearance of hCaptcha, slowing down automated tests or implementing intervals between login attempts may help; however, complete removal isn’t possible.

Please let us know if you have any further questions. We’re always happy to help.

Kind Regards"

Jack L | Shopify Support